Duo with Exchange 2013 OWA


#1

We have an Exchange 2013 environment setup with a DAG. Two of the production servers are configured with a Kemp Load Master load balancer. One of the servers is in our DR facility and not load balanced.

We have installed duo on the one DR server for testing purposes. When testing we do not get prompted for a duo. We are going to OWA via https://127.0.0.1/owa, but do not get the prompt upon login. We are then logged into the mailbox.

This Exchange server in our DR location does not have any active databases, just passive copies. Not sure if that has anything to do with this.

I turned on debug mode, and see some events stating: “User is not authenticated; resource not protected”
Authentication not required

Lastly, and good documentation out there for configuring OWA with Kemp Load Master load balancers?

Thanks for the help!

-Evan


#2

Hey @evan631

Without the whole log it could display that for a few reasons with debug enabled. As far as the DR server it’s also dependent if you are proxying or redirecting the connections.

Check out Kemps KB for Duo support. https://support.kemptechnologies.com/hc/en-us/articles/218374383-Duo-Two-Factor-Authentication-with-Sub-Virtual-Services